On ke, 28 huhti 2021, Dominik Vogt via FreeIPA-users wrote:
We install a freeipa-server with a constant set of clients that
never changes, and install the DNS server with ipa-server-install.
Dynamic DNS updates are automatically enabled.
I'm not sure what the best way is to get rid of the dynamic update
capabilities completely. During installation ipa-dns-install has
added a block about dynamic updates at the end of named.conf. Can
we just remove this block to disable the feature? Is anything
else required?
Dynamic DNS updates are controlled by the properties of a DNS zone, not
in named.conf.
$ ipa dnszone-mod --help|grep dynamic
--dynamic-update=BOOL
Allow dynamic updates.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland